Cybersecurity

CVE Vulnerability Alerts
CISA Orders Patch for Linux Container Escape CVE-2022-0492
CISA added the Linux kernel CVE-2022-0492 container escape flaw to the KEV catalog, confirming active exploitation with a three-day federal patch deadline.
Application Security
CISA Flags Magento RCE CVE-2026-45247; 150K Stores Exposed
CISA added CVE-2026-45247 to its KEV catalog, confirming active exploitation of a CVSS 9.8 Magento RCE flaw that threatens 150,000 e-commerce stores worldwide.
Cybersecurity
CISA, FBI, NSA, DOE Warn of Active Attacks on Fuel Tank Monitors
CISA, FBI, NSA, and DOE warned of active attacks on internet-exposed fuel tank monitoring systems via authentication bypass and command injection techniques.
Cybersecurity
OFAC Sanctions Nobitex, Iran’s Largest Crypto Exchange
OFAC sanctioned Nobitex and three companion Iranian crypto exchanges for facilitating IRGC transactions and converting ransomware proceeds into usable funds.
Application Security
Burst Statistics CVE-2026-8181 Under Mass Exploitation
CVE-2026-8181 in Burst Statistics for WordPress is under mass exploitation, with Wordfence blocking 7,400 daily attempts against over 200,000 affected sites.
CVE Vulnerability Alerts
Acer Wave 7 Routers Carry Two Max-Severity Zero-Days
Gergo Pap disclosed CVE-2026-49200 and CVE-2026-49201 in Acer Wave 7 routers, enabling credential theft and backdoor access with no patch until end of month.
Application Security
Public PoC Released for Cisco Unified CM SSRF Bug
Cisco confirmed public PoC code for CVE-2026-20230, a Unified CM SSRF enabling unauthenticated file writes and potential root access on enterprise systems.
Cybersecurity
TheGentlemen and Genesis Ransomware Hit Two US Clinics
TheGentlemen ransomware claimed Michigan Surgical Center while Genesis targeted Family Medical Associates of Raleigh, exposing PHI to double-extortion pressure.
Cybersecurity
CISA Faces $700M More Cuts as Mullin Signals Restructure
DHS Secretary Mullin testified CISA will target 2,800 employees and face $700 million more in budget cuts, with a new Senate-confirmed director to be nominated.
Cybersecurity
DragonForce and Nitrogen Ransomware Hit Three Continents
DragonForce claimed Lebanon IT firm SETS Solutions and Mexican manufacturer Copamex, while Nitrogen posted U.S. real estate developer Pyramid in parallel.